Setup a proxy server with Raspberry PI, Raspberry PI OS Lite and Squid

Last updated on September 15th, 2020

4.2
(6)

What Are Proxy Servers And Why Use Them

Following Wikipedia description, “a proxy server is a server (a computer system or an application) that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource available from a different server and the proxy server evaluates the request as a way to simplify and control its complexity“. A descriptive picture is also showed in the same page:

Wikipedia Proxy Concept

Squid is the most popular open source package to create a proxy in your self hosted linux server to reduce home network traffic and improve response time. It can be also used in chain with Privoxy to add network security.

Proxy server are useful in many contexts:

  • in Office context: to control internet traffic by blocking some websites or some keywords, to manage contact with external internet from a single point or to optimize internet bandwidth usage by caching pages at proxy level
  • in Home context: for example to control family internet access to block dangerous websites for childrens
  • in Personal use context: for example to use an anonymous connection or to bypass network ISP blocks

Once setup, proxy server can be configured in client machines both at web browser level (so that only the browser will use proxy) or at system level (in this case, all browsers and terminal commands will use proxy).

In this tutorial we are going to setup a proxy server with Raspberry Pi Zero W, but this procedure applies also to newer Raspberry Pi models.

What We Need

Raspberry PI Zero WH board

As usual, I suggest adding from now to your favourite e-commerce shopping cart all the needed hardware, so that at the end you will be able to evaluate overall costs and decide if continue with the project or remove them from the shopping cart. So, hardware will be only:

Check hardware prices with following links:

Amazon raspberry pi boards box
Amazon raspberry pi Zero W box
Amazon Micro SD box

Step-By-Step Procedure

Following picture summarizes the procedure:

Squid Raspberry PI infographics

In this guide we are going to use default Raspberry PI OS Lite as OS. Then we’ll install Squid (the most popular open source Proxy) and configure it.

I’ll configure Squid to manage access for all clients on a 192.168.1.0/24 private network to internet. You will need to modify this network depending on your needs and networking configurations.

Install OS And Squid

First thing, start from a fresh Raspberry PI OS Lite installation.

Make sure you OS is updated. From command line:

sudo apt update
sudo apt upgrade

Simply install Squid by using Raspberry PI OS repository with following command:

sudo apt install squid

At installation end, check that squid service is active:

sudo systemctl status squid.service

and you should see the following:

● squid.service – Squid Web Proxy Server
Loaded: loaded (/lib/systemd/system/squid.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2019-09-29 11:46:06 BST; 1min 39s ago
Docs: man:squid(8)
Main PID: 5481 (squid)
Memory: 11.9M
CGroup: /system.slice/squid.service
├─5481 /usr/sbin/squid -sYC
├─5483 (squid-1) –kid squid-1 -sYC
├─5486 (logfile-daemon) /var/log/squid/access.log
└─5500 (pinger)

Configure Squid

Squid file and locations you should be aware of are:

  • Squid configuration file: /etc/squid/squid.conf
  • Squid Access log: /var/log/squid/access.log
  • Squid Cache log: /var/log/squid/cache.log

Edit config file, creating a copy:

sudo mv /etc/squid/squid.conf /etc/squid/squid.conf.backup
sudo nano /etc/squid/squid.conf

in this file I’ll leave the default port used from clients to use proxy. If you want to change it, identify and edit the following line:

http_port 3128

to restrict networks allowed to use squid proxy, I will comment all lines starting with “acl localnet src” just by adding an ashtag (#) at the start of line. I’m going to allow my network by typing the following configuration line:

acl localnet src 192.168.1.0/24

Finally identify default rule which is blocking http access:

http_access deny all

and change it to:

http_access allow all

to start using your Squid proxy server.

Close and save the file. Restart Squid service:

sudo systemctl restart squid.service

Configure Your Client To Use Proxy Server

Now you need to configure you client to use proxy server for internet connections. You have to check this depending on your client OS. For example, on Windows clients you should go on Settings -> Network & Internet -> Proxy. Move On “Use a proxy server” switch and insert your Raspberry PI IP address in address field and 3128 in port field.

Close and open again your browser. Now you are using your Squid proxy.

For more info and advanced settings, please refer to Squid official documentation.

Enjoy!

How useful was this post?

Click on a star to rate it anonymously!

Average rating 4.2 / 5. Vote count: 6

No votes so far! Be the first to rate this post.

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?